Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- cli.mjs:666
- Evidence
const result = spawnSync(command, args, {
Security audit
Security checks across malware telemetry and agentic risk
TeamClaw’s virtual-team features are mostly consistent with its description, but it can automatically launch worker agents, install additional skills, and pass environment access to workers, so it should be reviewed carefully before use.
Install only if you are comfortable running a multi-agent orchestration service that can start workers, coordinate over the network, use Git, and potentially install additional skills on workers. Begin with local-only mode, disable on-demand provisioning and Git publishing until needed, use isolated workspaces, and carefully limit any environment variables or credentials available to worker agents.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access
const result = spawnSync(command, args, {const child = spawn(process.execPath, [
const child = spawn(process.execPath, [
const child = spawn(command, args, {const child = spawn(command, args, {...process.env,
...process.env,
const requestedWorkerId = process.env.TEAMCLAW_WORKER_ID?.trim() || undefined;